Class LdapUtilities
java.lang.Object
  com.identityworksllc.iiq.common.LdapUtilities
public class LdapUtilities extends Object
Utilities for dealing with LDAP DNs and other similar concepts
Method Summary
static String ldapCleanGroupName(String groupDN)
    Extracts the name from an LDAP formatted group name.
static boolean ldapContains(List<String> container, String seeking)
    Returns true if the given list of DNs contains a matching DN by RDN.
static boolean ldapContains(List<String> container, String seeking, int depth)
    Returns true if the given list of DNs contains a value matching the given ‘seeking’ DN, up to the given depth.
static String ldapGetMatch(List<String> container, String seeking)
    Given a list of possible matching DNs (the container), finds the first one that matches the RDN of the ‘seeking’ string.
static String ldapGetMatch(List<String> container, String seeking, int depth)
    Given a list of possible matching DNs (the container), finds the first one that matches the ‘seeking’ string up to the given depth.
static String ldapGetRdn(String dn, int size)
    Extracts the first N RDNs from an LDAP formatted DN.
static String ldapGetRdn(LdapName name, int size)
    Extracts the first N RDNs from an LDAP formatted DN.
static boolean ldapMatches(String name, String otherName)
    Returns true if the first element of the given LDAP name matches the value provided.
static boolean ldapMatches(String name, String otherName, int depth)
    Returns true if the given objects match by comparing them as LDAP DNs up to the depth specified.

Method Detail
ldapCleanGroupName
public static String ldapCleanGroupName(String groupDN) throws InvalidNameException
Extracts the name from an LDAP formatted group name. For example, if given CN=AD Group Name,OU=Groups,OU=Security,DC=client,DC=example,DC=com, this method would return “AD Group Name”.
- Parameters:
  groupDN - The group DN
- Returns:
  the group name
- Throws:
  InvalidNameException - if this is not an LDAP name

ldapContains
public static boolean ldapContains(List<String> container, String seeking)
Returns true if the given list of DNs contains a matching DN by RDN. This is useful for searching a list of AD groups (e.g., user entitlements) for a given value, without having to worry about differing domain suffixes across dev, test, and prod.
Equivalent to ldapContains(List, String, int) with a depth of 1.
- Parameters:
  container - A list of candidate DNs
  seeking - The DN (whole or partial) to match
- Returns:
  True if the list contains a matching DN, false if not

ldapContains
public static boolean ldapContains(List<String> container, String seeking, int depth)
Returns true if the given list of DNs contains a value matching the given ‘seeking’ DN, up to the given depth.
- Parameters:
  container - A list of candidate DNs
  seeking - The DN (whole or partial) to match
  depth - The depth of search
- Returns:
  True if the list contains a matching DN, false if not

ldapGetMatch
public static String ldapGetMatch(List<String> container, String seeking)
Given a list of possible matching DNs (the container), finds the first one that matches the RDN of the ‘seeking’ string.
- Parameters:
  container - A list of candidate DNs
  seeking - The DN we are seeking to match
- Returns:
  The DN matching the search, or null if none is found

ldapGetMatch
public static String ldapGetMatch(List<String> container, String seeking, int depth)
Given a list of possible matching DNs (the container), finds the first one that matches the ‘seeking’ string up to the given depth.
- Parameters:
  container - A list of candidate DNs
  seeking - The DN we are seeking
  depth - The number of RDN components to match
- Returns:
  The DN matching the search, or null if none is found

ldapGetRdn
public static String ldapGetRdn(String dn, int size) throws InvalidNameException
Extracts the first N RDNs from an LDAP formatted DN. For example, if given CN=AD Group Name,OU=Groups,OU=Security,DC=client,DC=example,DC=com, and a size of 1, this method would return “CN=AD Group Name”. A size of 2 would produce “CN=AD Group Name,OU=Groups”.
- Parameters:
  dn - The object’s distinguishedName
  size - The number of RDN elements to return
- Returns:
  the first ‘size’ RDNs of the DN
- Throws:
  InvalidNameException - if this is not an LDAP name

ldapGetRdn
public static String ldapGetRdn(LdapName name, int size) throws InvalidNameException
Extracts the first N RDNs from an LDAP formatted DN. For example, if given CN=AD Group Name,OU=Groups,OU=Security,DC=client,DC=example,DC=com, and a size of 1, this method would return “CN=AD Group Name”. A size of 2 would produce “CN=AD Group Name,OU=Groups”.
- Parameters:
  name - The already-parsed LdapName object
  size - The number of RDN elements to return
- Returns:
  the first ‘size’ RDNs of the DN
- Throws:
  InvalidNameException - if this is not an LDAP name

ldapMatches
public static boolean ldapMatches(String name, String otherName)
Returns true if the first element of the given LDAP name matches the value provided. Equivalent to ldapMatches(name, otherName, 1).
- Parameters:
  name - The LDAP name to check
  otherName - The other name to compare against
- Returns:
  True if the names are LDAP DNs and equal ignoring case, otherwise false

ldapMatches
public static boolean ldapMatches(String name, String otherName, int depth)
Returns true if the given objects match by comparing them as LDAP DNs up to the depth specified. For example, the following two DNs will match at a depth of 1, but not a depth of 2.
  CN=Group Name,OU=Groups,DC=test,DC=example,DC=com
  cn=group name,OU=Administrators,DC=test,DC=example,DC=com
This is primarily useful with AD environments where the group names will have a suffix varying by domain.
- Parameters:
  name - The first LDAP name
  otherName - The second LDAP name
  depth - The number of DN elements to search for a match (with 1 being the RDN only)
- Returns:
  True if the names are indeed LDAP DNs and equal ignoring case, false otherwise
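
An added example, not the library's own code: a sketch of depth-limited DN comparison built on the JDK's javax.naming.ldap.LdapName, run over the two DNs shown above. The class DnDepthMatchDemo and the helper matchesToDepth are hypothetical names, and the third DN is constructed for illustration.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

// Added illustration; not the LdapUtilities implementation.
public class DnDepthMatchDemo {

    // Hypothetical helper: true if the leftmost `depth` RDNs of both DNs are equal.
    static boolean matchesToDepth(String a, String b, int depth) {
        try {
            LdapName left = new LdapName(a);
            LdapName right = new LdapName(b);
            if (depth < 1 || left.size() < depth || right.size() < depth) {
                return false;
            }
            // LdapName numbers RDNs from the right: index 0 is the rightmost
            // component (DC=com) and size() - 1 is the leftmost (the CN).
            for (int i = 1; i <= depth; i++) {
                // Rdn.equals ignores case in both attribute type and value.
                if (!left.getRdn(left.size() - i).equals(right.getRdn(right.size() - i))) {
                    return false;
                }
            }
            return true;
        } catch (InvalidNameException e) {
            return false; // at least one input is not a parseable DN
        }
    }

    public static void main(String[] args) {
        // The two DNs from the text above.
        String groups = "CN=Group Name,OU=Groups,DC=test,DC=example,DC=com";
        String admins = "cn=group name,OU=Administrators,DC=test,DC=example,DC=com";
        // Constructed: the same group under a different domain suffix.
        String prod = "CN=Group Name,OU=Groups,DC=prod,DC=example,DC=com";

        // Depth 1 compares the CN only, so the OU and domain are ignored.
        System.out.println("depth 1, other OU:     " + matchesToDepth(groups, admins, 1));
        // Depth 2 includes the OU: the same-named group elsewhere no longer matches.
        System.out.println("depth 2, other OU:     " + matchesToDepth(groups, admins, 2));
        // Depth 2 still tolerates a differing domain suffix.
        System.out.println("depth 2, other domain: " + matchesToDepth(groups, prod, 2));
        // Input that is not a DN is treated as a non-match.
        System.out.println("not a DN:              " + matchesToDepth("Group Name", groups, 1));
    }
}
```

When the result of such a match decides access, choose a depth that covers the OU, since a depth of 1 accepts any group with the same CN regardless of its container.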